Platform imakulolani kuti muchepetse kulenga , kuphatikiza muzomangamanga za opereka chithandizo chamtambo, pamapulatifomu owoneka bwino kapena machitidwe opanda zitsulo. Kuti tipange nsanja yokhazikika pamtambo, tidayenera kuwongolera zinthu zonse zomwe zimagwiritsidwa ntchito ndikuwonjezera kudalirika kwa njira yovuta yodzipangira yokha.
Yankho lodziwikiratu linali kugwiritsa ntchito Red Hat Enterprise Linux CoreOS (yosiyana ndi Red Hat Enterprise Linux) ndi CRI-O monga muyezo, ndichifukwa chake ...
Popeza mutu wapanyanja ndi wabwino kwambiri wopezera mafananidwe pofotokozera ntchito ya Kubernetes ndi zotengera, tiyeni tiyese kukambirana zamavuto omwe CoreOS ndi CRI-O amathetsa, pogwiritsa ntchito chitsanzo. . Mu 1803, a Marc Brunel adapatsidwa ntchito yopanga midadada 100 yopangira zosowa za gulu lankhondo laku Britain lomwe likukula. Chotchinga ndi mtundu wina wa zingwe zomwe zimagwiritsidwa ntchito kumangirira zingwe ku matanga. Mpaka kumayambiriro kwa zaka za zana la 19, midadada iyi idapangidwa ndi manja, koma Brunel adakwanitsa kupanga ndikuyamba kupanga midadada yokhazikika pogwiritsa ntchito zida zamakina. Kugwiritsa ntchito njira imeneyi kumatanthauza kuti midadada yotulukayo inali yofanana, imatha kusinthidwa mosavuta ngati itathyoledwa, ndipo imatha kupangidwa mochuluka.
Tsopano taganizirani ngati Brunel amayenera kuchita ntchitoyi pamitundu 20 ya zombo zosiyanasiyana (mitundu ya Kubernetes) komanso mapulaneti asanu osiyanasiyana okhala ndi mafunde ndi mphepo zapanyanja (opereka mtambo). Kuonjezera apo, zinkafunika kuti zombo zonse (magulu a OpenShift), mosasamala kanthu za mapulaneti omwe amayendetsa maulendo, kuchokera kwa oyang'anira (oyendetsa ntchito omwe amayang'anira ntchito zamagulu) azichita chimodzimodzi. Kuti apitirize fanizo la panyanja, oyendetsa sitimayo samasamala konse kuti ndi zotani zamtundu wanji (CRI-O) zomwe zimagwiritsidwa ntchito pazombo zawo - chinthu chachikulu kwa iwo ndi chakuti midadadayi ndi yamphamvu komanso yodalirika.
OpenShift 4, ngati nsanja yamtambo, ikukumana ndi zovuta zamabizinesi zofananira. Node zatsopano ziyenera kupangidwa panthawi yopanga magulu, ngati zalephera mu imodzi mwa mfundo, kapena pokulitsa masango. Node yatsopano ikapangidwa ndikukhazikitsidwa, zida zofunika kwambiri, kuphatikiza CRI-O, ziyenera kukhazikitsidwa moyenera. Monga mukupanga kwina kulikonse, "zida zopangira" ziyenera kuperekedwa koyambirira. Pankhani ya zombo, zopangira ndi zitsulo ndi matabwa. Komabe, pakupanga gulu loperekera zotengera mugulu la OpenShift 4, muyenera kukhala ndi mafayilo osinthika ndi ma seva operekedwa ndi API ngati cholowetsa. OpenShift idzapereka mulingo wofunikira wodzipangira nthawi yonse yamoyo, kupereka chithandizo chofunikira chazinthu kwa ogwiritsa ntchito ndikubwezeretsanso ndalama zomwe zasungidwa papulatifomu.
OpenShift 4 idapangidwa m'njira yoti ipereke kuthekera kosintha dongosololi munthawi yonse ya moyo wa nsanja (yamitundu 4.X) kwa onse opereka ma computing amtambo, mapulatifomu owoneka bwino komanso makina azitsulo opanda kanthu. Kuti muchite izi, ma node ayenera kupangidwa pamaziko a zinthu zosinthika. Gulu likafuna mtundu watsopano wa Kubernetes, limalandiranso mtundu wofananira wa CRI-O pa CoreOS. Popeza mtundu wa CRI-O umalumikizidwa mwachindunji ndi Kubernetes, izi zimathandizira kwambiri zilolezo zilizonse zoyesa, kuthetsa mavuto, kapena zolinga zothandizira. Kuonjezera apo, njirayi imachepetsa ndalama kwa ogwiritsa ntchito mapeto ndi Red Hat.
Iyi ndi njira yatsopano yoganizira zamagulu a Kubernetes ndikuyala maziko okonzekera zinthu zatsopano zothandiza komanso zokakamiza. CRI-O (Chiyankhulo cha Chikhombo Chotsegula - Open Container Initiative, chofupikitsidwa CRI-OCI) idakhala chisankho chopambana kwambiri pakupanga ma node ambiri omwe amafunikira kuti azigwira ntchito ndi OpenShift. CRI-O ilowa m'malo mwa injini ya Docker yomwe idagwiritsidwa ntchito kale, yopatsa ogwiritsa ntchito OpenShift - inde, mwamva bwino - injini yotopetsa yopangidwa kuti igwire ntchito ndi Kubernetes.
Dziko la zotengera zotseguka
Dziko lapansi lakhala likusunthira kumalo otseguka kwa nthawi yayitali. Kaya ku Kubernetes, kapena m'magulu otsika, kumabweretsa chilengedwe chazatsopano pamlingo uliwonse.
Zonse zidayamba ndikupanga Open Containers Initiative . Pachiyambi ichi cha ntchito, zizindikiro za chidebe zinapangidwa ΠΈ . Izi zidatsimikizira kuti zida zitha kugwiritsa ntchito muyezo umodzi ndi mtundu umodzi wogwirira ntchito nawo. Mfundo zinawonjezeredwa pambuyo pake , kulola ogwiritsa ntchito kugawana mosavuta .
Gulu la Kubernetes kenako linapanga mulingo umodzi wolumikizira mawonekedwe, otchedwa . Chifukwa cha izi, ogwiritsa ntchito a Kubernetes adatha kulumikiza injini zosiyanasiyana kuti azigwira ntchito ndi zotengera kuwonjezera pa Docker.
Akatswiri a Red Hat ndi Google adawona kufunikira kwa msika kwa injini ya chidebe yomwe ingavomereze zopempha za Kubelet pa ndondomeko ya CRI ndikuyambitsa zida zomwe zinali zogwirizana ndi zomwe OCI yatchulidwa pamwambapa. Choncho . Koma pepani, kodi sitinanene kuti nkhaniyi idzaperekedwa kwa CRI-O? Kwenikweni, ndi kumasulidwa basi Ntchitoyi idasinthidwa kukhala CRI-O.
Mkuyu. 1.
Kupanga zatsopano ndi CRI-O ndi CoreOS
Ndi kukhazikitsidwa kwa nsanja ya OpenShift 4, idasinthidwa , yogwiritsidwa ntchito mwachisawawa pa pulatifomu, ndipo Docker inasinthidwa ndi CRI-O, yopereka malo otsika mtengo, okhazikika, osavuta komanso otopetsa poyendetsa chidebe chomwe chimakula mofanana ndi Kubernetes. Izi zimathandizira kwambiri kuthandizira magulu ndi kasinthidwe. Kukonzekera kwa injini ya chidebe ndi wolandila, komanso kasamalidwe kawo, kumakhala kokhazikika mkati mwa OpenShift 4.
Dikirani, izi zili bwanji?
Ndiko kulondola, kubwera kwa OpenShift 4, sipakufunikanso kulumikizana ndi makamu apawokha ndikuyika injini yachidebe, sinthani kusungirako, sinthani maseva osakira kapena sinthani maukonde. Pulatifomu ya OpenShift 4 idakonzedwanso kuti igwiritse ntchito osati ponena za mapulogalamu a ogwiritsira ntchito mapeto, komanso ponena za ntchito zoyambira papulatifomu monga kutumiza zithunzi, kukonza dongosolo, kapena kukhazikitsa zosintha.
Kubernetes nthawi zonse amalola ogwiritsa ntchito kuyang'anira mapulogalamu pofotokozera zomwe akufuna komanso kugwiritsa ntchito , kuonetsetsa kuti dziko lenileni likufanana ndi dziko lomwe mukufuna kuti lizigwirizana kwambiri. Izi imatsegula mwayi waukulu kuchokera kuzinthu zonse zachitukuko ndi machitidwe. Madivelopa akhoza kutanthauzira dziko lofunika ndi kwa wogwiritsa ntchito ngati fayilo ya YAML kapena JSON, ndiyeno wogwiritsa ntchitoyo atha kupanga mawonekedwe ofunikira pamalo opangira, ndipo momwe ntchito yanthawiyi imayenderana ndi yomwe yafotokozedwayo.
Pogwiritsa ntchito Operators papulatifomu, OpenShift 4 imabweretsa paradigm yatsopanoyi (pogwiritsa ntchito lingaliro la seti ndi dziko lenileni) ku kayendetsedwe ka RHEL CoreOS ndi CRI-O. Ntchito zokonza ndi kuyang'anira mitundu ya makina ogwiritsira ntchito ndi injini yamakina zimangochitika zokha pogwiritsa ntchito zomwe zimatchedwa . MCO imathandizira kwambiri ntchito yoyang'anira masango, makamaka kumangopanga magawo omaliza oyika, komanso ntchito zotsatizana ndi kukhazikitsa (tsiku lachiwiri). Zonsezi zimapangitsa OpenShift 4 kukhala nsanja yeniyeni yamtambo. Tilowa mu izi posachedwa.
Zotengera zothamanga
Ogwiritsa ntchito akhala ndi mwayi wogwiritsa ntchito injini ya CRI-O papulatifomu ya OpenShift kuyambira mtundu wa 3.7 mu Tech Preview status komanso kuchokera ku mtundu 3.9 mu mawonekedwe Opezeka Nthawi Zonse (omwe amathandizira pano). Kuphatikiza apo, Red Hat imagwiritsa ntchito kwambiri mu OpenShift Paintaneti kuyambira mtundu wa 3.10. Zonsezi zidalola gulu lomwe likugwira ntchito pa CRI-O kuti lidziwe zambiri pakuyambitsa zida zazikulu pamagulu akulu a Kubernetes. Kuti timvetsetse momwe Kubernetes amagwiritsira ntchito CRI-O, tiyeni tiwone fanizo lotsatirali, lomwe likuwonetsa momwe zomangamanga zimagwirira ntchito.
Mpunga. 2. Momwe zotengera zimagwirira ntchito mugulu la Kubernetes
CRI-O imathandizira kupanga makamu atsopano a chidebe mwa kulunzanitsa gawo lonse lapamwamba poyambitsa ma node atsopano, komanso potulutsa mitundu yatsopano ya nsanja ya OpenShift. Kuwunikiridwanso kwa nsanja yonse kumathandizira zosintha / kubweza, komanso kumalepheretsa kukhazikika pakudalira pakati pa chidebe mchira, injini ya chidebe, ma node (Kubelets) ndi mfundo ya Kubernetes Master. Poyang'anira zigawo zonse za nsanja, ndi kulamulira ndi kumasulira, nthawi zonse pamakhala njira yomveka bwino kuchokera ku boma A kupita ku boma B. Izi zifewetsa ndondomeko yosinthira, kupititsa patsogolo chitetezo, kupititsa patsogolo malipoti a ntchito, ndikuthandizira kuchepetsa mtengo wa zosintha ndi kukhazikitsa kwa mitundu yatsopano. .
Kuwonetsa mphamvu zazinthu zosinthira
Monga tanena kale, kugwiritsa ntchito Machine Config Operator kuyang'anira chotengera chotengera ndi injini ya chidebe mu OpenShift 4 kumapereka mulingo watsopano wodzipangira womwe sunali wotheka papulatifomu ya Kubernetes. Kuti muwonetse zatsopano, tikuwonetsani momwe mungasinthire fayilo ya crio.conf. Kuti mupewe kusokonezedwa ndi mawu, yesani kuyang'ana pa zotsatira.
Choyamba, tiyeni tipange zomwe zimatchedwa kasinthidwe ka nthawi ya chidebe - Container Runtime Config. Ganizirani ngati chida cha Kubernetes chomwe chikuyimira kasinthidwe kwa CRI-O. M'malo mwake, ndi mtundu wapadera wa china chake chotchedwa MachineConfig, chomwe ndi kasinthidwe kalikonse komwe kamatumizidwa ku makina a RHEL CoreOS ngati gawo la gulu la OpenShift.
Chida ichi, chotchedwa ContainerRuntimeConfig, chidapangidwa kuti chikhale chosavuta kwa oyang'anira magulu kuti akonze CRI-O. Chida ichi ndi champhamvu kwambiri moti chimatha kugwiritsidwa ntchito kumalo ena okha kutengera makina a MachineConfigPool. Lingalirani ngati gulu la makina omwe amagwira ntchito yofanana.
Zindikirani mizere iwiri yomaliza yomwe tisintha mu fayilo ya /etc/crio/crio.conf. Mizere iwiriyi ndi yofanana kwambiri ndi mizere ya fayilo ya crio.conf, ndi:
vi ContainerRuntimeConfig.yaml
Kutsiliza:
apiVersion: machineconfiguration.openshift.io/v1
kind: ContainerRuntimeConfig
metadata:
name: set-log-and-pid
spec:
machineConfigPoolSelector:
matchLabels:
debug-crio: config-log-and-pid
containerRuntimeConfig:
pidsLimit: 2048
logLevel: debug
Tsopano tiyeni tikankhire fayiloyi ku gulu la Kubernetes ndikuwona kuti idapangidwadi. Chonde dziwani kuti ntchitoyi ndi yofanana ndendende ndi zina zilizonse za Kubernetes:
oc create -f ContainerRuntimeConfig.yaml
oc get ContainerRuntimeConfig
Kutsiliza:
NAME AGE
set-log-and-pid 22h
Tikangopanga ContainerRuntimeConfig, tifunika kusintha imodzi mwa MachineConfigPools kuti iwonetse Kubernetes kuti tikufuna kugwiritsa ntchito kasinthidwe ka gulu linalake la makina omwe ali mgululi. Pankhaniyi tisintha MachineConfigPool ya ma node apamwamba:
oc edit MachineConfigPool/master
Kutsiliza (kuti zimveke, mfundo yaikulu yatsala):
...
metadata:
creationTimestamp: 2019-04-10T23:42:28Z
generation: 1
labels:
debug-crio: config-log-and-pid
operator.machineconfiguration.openshift.io/required-for-upgrade: ""
...
Panthawiyi, MCO ikuyamba kupanga fayilo yatsopano ya crio.conf ya tsango. Pankhaniyi, fayilo yomaliza yomaliza imatha kuwonedwa pogwiritsa ntchito Kubernetes API. Kumbukirani, ContainerRuntimeConfig ndi mtundu wapadera wa MachineConfig, kotero titha kuwona zotsatira zake poyang'ana mizere yoyenera mu MachineConfigs:
oc get MachineConfigs | grep rendered
Kutsiliza:
rendered-master-c923f24f01a0e38c77a05acfd631910b 4.0.22-201904011459-dirty 2.2.0 16h
rendered-master-f722b027a98ac5b8e0b41d71e992f626 4.0.22-201904011459-dirty 2.2.0 4m
rendered-worker-9777325797fe7e74c3f2dd11d359bc62 4.0.22-201904011459-dirty 2.2.0 16h
Chonde dziwani kuti fayilo yosinthidwa yomwe idatsatira ya master node inali yatsopano kuposa masinthidwe oyambilira. Kuti muwone, yendetsani lamulo ili. M'kupita kwanthawi, tikuwona kuti iyi mwina ndi imodzi mwazabwino kwambiri m'mbiri ya Kubernetes:
python3 -c "import sys, urllib.parse; print(urllib.parse.unquote(sys.argv[1]))" $(oc get MachineConfig/rendered-master-f722b027a98ac5b8e0b41d71e992f626 -o YAML | grep -B4 crio.conf | grep source | tail -n 1 | cut -d, -f2) | grep pid
Kutsiliza:
pids_limit = 2048
Tsopano tiyeni tiwonetsetse kuti kasinthidwe kagwiritsidwe ntchito pa ma master node onse. Choyamba timapeza mndandanda wa node mu cluster:
oc get node | grep master
Output:
ip-10-0-135-153.us-east-2.compute.internal Ready master 23h v1.12.4+509916ce1
ip-10-0-154-0.us-east-2.compute.internal Ready master 23h v1.12.4+509916ce1
ip-10-0-166-79.us-east-2.compute.internal Ready master 23h v1.12.4+509916ce1
Tsopano tiyeni tiwone fayilo yomwe idayikidwa. Mudzawona kuti fayiloyo yasinthidwa ndi zatsopano za pid ndi debug malangizo omwe tidawafotokozera mu ContainerRuntimeConfig. Kukongola komweko:
oc debug node/ip-10-0-135-153.us-east-2.compute.internal β cat /host/etc/crio/crio.conf | egrep 'debug||pidβ
Kutsiliza:
...
pids_limit = 2048
...
log_level = "debug"
...
Zosintha zonsezi pagulu zidapangidwa popanda kugwiritsa ntchito SSH. Ntchito zonse zidachitika polowera ku Kuberentes master node. Ndiko kuti, magawo atsopanowa adakonzedwa kokha pama node apamwamba. Ma node ogwira ntchito sanasinthe, zomwe zikuwonetsa ubwino wa njira ya Kubernetes yogwiritsira ntchito maiko enieni komanso enieni okhudzana ndi makamu a chidebe ndi injini zazitsulo zomwe zimakhala ndi zinthu zosinthika.
Chitsanzo pamwambapa chikuwonetsa kuthekera kosintha kagulu kakang'ono ka OpenShift Container Platform 4 yokhala ndi ma node atatu opangira kapena gulu lalikulu lopanga lomwe lili ndi node 3000. Mulimonsemo, kuchuluka kwa ntchito kudzakhala kofanana - komanso kochepa kwambiri - ingokonza fayilo ya ContainerRuntimeConfig, ndikusintha chizindikiro chimodzi mu MachineConfigPool. Ndipo mutha kuchita izi ndi mtundu uliwonse wa OpenShift Container Platform 4.X yomwe ikuyenda Kubernetes m'moyo wake wonse.
Nthawi zambiri makampani aukadaulo amasintha mwachangu kotero kuti sitingathe kufotokoza chifukwa chake timasankha matekinoloje ena pazigawo zomwe zili pansi pake. Injini zama Container m'mbiri yakale ndizo zomwe ogwiritsa ntchito amalumikizana nazo mwachindunji. Popeza kutchuka kwa zotengera mwachilengedwe kudayamba ndi kubwera kwa injini zamakina, ogwiritsa ntchito nthawi zambiri amawonetsa chidwi. Ichi ndi chifukwa china chomwe Red Hat adasankha CRI-O. Zotengera zikusintha ndikuyang'ana kwambiri zoyimba, ndipo tapeza kuti CRI-O imapereka chidziwitso chabwino kwambiri mukamagwira ntchito ndi OpenShift 4.
Source: www.habr.com